LEARNING OBJECTIVES:
To develop a business continuity plan
6.0 INTRODUCTION
Business continuity focuses on maintaining the operations of an organisation, especially the IT infrastructure, in the face of a threat that has materialised.
Disaster recovery, on the other hand, arises mostly when the business continuity plan fails to maintain operations and there is a service disruption. This plan focuses on restarting the operation using a prioritised resumption list.
Lack of integrity:
Control measures to ensure integrity include:
implementation of security policies, procedures and standards,
use of encryption techniques and digital signatures,
inclusion of data validation, editing, and reconciliation techniques for inputs, processes and outputs,
updated antivirus software,
division of duties and layered controls to prevent impersonation,
use of a disk repair utility,
implementation of user identification, authentication and access control techniques,
backup of system and data,
security awareness programs and training of employees,
installation of audit trails,
audit of the adequacy of data integrity.
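The "data validation, editing, and reconciliation" control listed above is easiest to see in code. The following is an added example, not part of the original text: an edit-check pass over a constructed batch of payment records, followed by a reconciliation of what was processed against control totals (record count, amount total, hash total of account numbers) supplied in a constructed batch header. The record format, the eight-digit account rule and all sample values are assumptions made for the example.

```python
# Added example (not from the original text): an input-validation ("edit") pass
# followed by a control-total reconciliation of output against input. The batch
# format, the Header/Record layouts and all sample values are constructed here.
from dataclasses import dataclass
from decimal import Decimal, InvalidOperation
import re

ACCOUNT_RE = re.compile(r"^[0-9]{8}$")   # constructed rule: 8-digit account numbers


@dataclass
class Record:
    seq: int
    account: str
    amount: Decimal


@dataclass
class Header:
    """Control totals computed by the sending system before transmission."""
    record_count: int
    amount_total: Decimal
    hash_total: int      # sum of account numbers: meaningless as a number, useful as a check


def parse_records(lines):
    """Edit checks on each raw line. Returns (valid_records, [(lineno, reason), ...])."""
    valid, errors = [], []
    for lineno, raw in enumerate(lines, start=1):
        parts = [p.strip() for p in raw.split(",")]
        if len(parts) != 3:
            errors.append((lineno, "wrong field count"))
            continue
        seq_s, account, amount_s = parts
        if not ACCOUNT_RE.match(account):
            errors.append((lineno, "bad account format"))
            continue
        try:
            seq = int(seq_s)
            amount = Decimal(amount_s)
        except (ValueError, InvalidOperation):
            errors.append((lineno, "non-numeric field"))
            continue
        # range and precision checks: positive, at most two decimal places
        if amount <= 0 or amount.as_tuple().exponent < -2:
            errors.append((lineno, "amount out of range or precision"))
            continue
        valid.append(Record(seq, account, amount))
    return valid, errors


def reconcile(records, header):
    """Compare what was processed with the control totals the sender supplied."""
    problems = []
    if len(records) != header.record_count:
        problems.append(f"record count {len(records)} != {header.record_count}")
    amount_total = sum((r.amount for r in records), Decimal("0"))
    if amount_total != header.amount_total:
        problems.append(f"amount total {amount_total} != {header.amount_total}")
    hash_total = sum(int(r.account) for r in records)
    if hash_total != header.hash_total:
        problems.append(f"hash total {hash_total} != {header.hash_total}")
    if [r.seq for r in records] != list(range(1, len(records) + 1)):
        problems.append("sequence gap or duplicate")
    return problems


def check_batch(lines, header):
    """Run edit checks, then reconcile; ([], []) means the batch is clean."""
    records, errors = parse_records(lines)
    return errors, reconcile(records, header)


# Constructed sample data. GOOD_BATCH reconciles; BAD_BATCH has a malformed
# account number on line 3, so every control total disagrees with the header.
GOOD_BATCH = ["1,12345678,100.00", "2,23456789,250.50", "3,34567890,75.25"]
GOOD_HEADER = Header(3, Decimal("425.75"), 12345678 + 23456789 + 34567890)
BAD_BATCH = ["1,12345678,100.00", "2,23456789,250.50", "3,3456789,75.25", "4,45678901,40.00"]
BAD_HEADER = Header(4, Decimal("465.75"), 12345678 + 23456789 + 3456789 + 45678901)

if __name__ == "__main__":
    print(check_batch(GOOD_BATCH, GOOD_HEADER))
    print(check_batch(BAD_BATCH, BAD_HEADER))
```

The point of the two-stage design is that a rejected record is not silently dropped: the reconciliation step turns the rejection into a count, amount, hash-total and sequence discrepancy that an operator or audit trail has to account for before the batch is accepted.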
Lack of confidentiality:
Control measures to ensure confidentiality include:
use of encryption techniques and digital signatures,
implementation of a system of accountability by logging and journaling system activity,
development of a security policy, procedure and standard,
employee awareness and training,
requiring employees to sign a non-disclosure undertaking,
implementation of physical and logical access controls,
use of passwords and other authentication techniques,
establishment of a documentation and distribution schedule,
secure storage of important media and data files,
installation of audit trails,
audit of confidentiality of data.
Disgruntled employees:
Control measures include installation of physical and logical access controls, logging and notification of unsuccessful logins, use of a disconnect feature on multiple unsuccessful logins, protection of modem and network devices, installation of one-time-use passwords, security awareness programs and training of employees, application of motivation theories, job enrichment and job rotation.
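Two of the controls above, notification of unsuccessful logins and a disconnect feature after repeated failures, can be expressed as detection logic over an authentication log. The following is an added example, not from the original text: it replays constructed log lines, emits a notification event for every failure, and locks ("disconnects") an account once a threshold of failures is reached inside a time window. The log line format, the threshold of three failures in five minutes, and all user names and addresses are assumptions made for the example.

```python
# Added example (not from the original text): flag repeated unsuccessful logins,
# raise a notification on each failure and "disconnect" (lock) an account once a
# threshold is crossed within a time window. The log format and all lines are
# constructed for this example; real systems log in their own formats.
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 3                 # failures within WINDOW that trigger a disconnect
WINDOW = timedelta(minutes=5)


def parse_line(line):
    """'<ISO timestamp> <FAIL|OK> user=<name> src=<ip>' -> (ts, outcome, user, src)."""
    ts, outcome, user, src = line.split()
    return (datetime.fromisoformat(ts), outcome,
            user.split("=", 1)[1], src.split("=", 1)[1])


def evaluate(lines, threshold=THRESHOLD, window=WINDOW):
    """Replay log lines in order; return (events, locked_accounts).

    events: ("notify", user, src, ts)     every unsuccessful login
            ("disconnect", user, src, ts) threshold reached, account locked
            ("refused", user, src, ts)    attempt against an already locked account
    """
    recent = defaultdict(deque)       # per-user timestamps of failures inside the window
    locked = set()
    events = []
    for line in lines:
        ts, outcome, user, src = parse_line(line)
        if user in locked:
            events.append(("refused", user, src, ts))
            continue
        if outcome == "OK":
            recent[user].clear()      # a successful login resets the counter
            continue
        q = recent[user]
        while q and ts - q[0] > window:   # drop failures that fell out of the window
            q.popleft()
        q.append(ts)
        events.append(("notify", user, src, ts))
        if len(q) >= threshold:
            locked.add(user)
            events.append(("disconnect", user, src, ts))
    return events, locked


# Constructed sample log: alice fails three times inside five minutes; bob's
# failures are spread out so the window never holds three of them.
SAMPLE_LOG = [
    "2024-05-01T09:00:01 FAIL user=alice src=10.0.0.5",
    "2024-05-01T09:00:30 FAIL user=alice src=10.0.0.5",
    "2024-05-01T09:01:10 OK user=bob src=10.0.0.7",
    "2024-05-01T09:01:45 FAIL user=alice src=10.0.0.5",
    "2024-05-01T09:02:00 FAIL user=alice src=10.0.0.5",
    "2024-05-01T09:30:00 FAIL user=bob src=10.0.0.9",
    "2024-05-01T09:40:00 FAIL user=bob src=10.0.0.9",
    "2024-05-01T09:41:00 FAIL user=bob src=10.0.0.9",
]

if __name__ == "__main__":
    for ev in evaluate(SAMPLE_LOG)[0]:
        print(*ev)
```

The window matters as much as the threshold: bob's three failures would trip a lifetime counter, but a sliding window keeps an occasional mistyped password from locking a legitimate user while still catching a burst of attempts against alice's account. In production the "notify" events feed the audit trail and the "disconnect" decision is applied by the authentication service itself.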
Off-Site Backup:
Off-site backup is done to keep at least one copy of your redundant backups in an alternative location.
In case the size of the backup is considerably large (>10GB), the cost of a high-speed link, security issues, and backup time will rule out the idea of backing up through high-speed links.
A practical solution would be to take a backup onto a removable backup disk, which will be shuttled out of your site to a secure location.
Media Rotation Tactics: Once in a while, rotate the active backup media with one of the offsite stored media. This will update the offsite media with the latest data changes.
To reduce data loss in case of a major disaster, it is recommended to switch the active backup media daily with one of the stored media.
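The rotation interval sets an upper bound on how much data a site-destroying disaster can take with it. The following is an added example, not from the original text, that models the tactic day by day: one backup lands on the active medium each night, on rotation days that medium is shuttled offsite and the oldest offsite medium returns, and the model reports how old the newest offsite copy would be if the site were lost at the end of any given day. The media count, the nightly rhythm and the zero transit time are simplifying assumptions made for the example.

```python
# Added example (not from the original text): a day-by-day model of the media
# rotation tactic, used to see how the rotation interval bounds the data that
# would be lost if the site (and the active medium) were destroyed. Media count,
# the "one backup per day" rhythm and the zero transit time are constructed
# simplifications.
from collections import deque


def simulate(days, rotate_every, media_count=3):
    """For each day, the age in days of the newest offsite copy after that day's
    backup and any shuttle; None while no offsite copy exists yet."""
    if media_count < 2:
        raise ValueError("need at least one active and one offsite medium")
    offsite = deque([None] * (media_count - 1))   # last-write day of each offsite medium
    loss_by_day = []
    for day in range(1, days + 1):
        # nightly backup is written to the active medium on this day
        if day % rotate_every == 0:
            offsite.append(day)        # shuttle today's medium offsite ...
            offsite.popleft()          # ... and bring the oldest one back on site
        newest = max((d for d in offsite if d is not None), default=None)
        loss_by_day.append(None if newest is None else day - newest)
    return loss_by_day


def worst_case_loss(days, rotate_every, media_count=3):
    """(max days of data lost on a disaster, days with no offsite copy at all)."""
    per_day = simulate(days, rotate_every, media_count)
    covered = [x for x in per_day if x is not None]
    return (max(covered) if covered else None), per_day.count(None)


if __name__ == "__main__":
    for interval in (7, 1):
        print(f"rotate every {interval} day(s):", worst_case_loss(28, interval))
```

With a weekly rotation the newest offsite copy can be six days stale on the day before the next shuttle, and for the first six days there is no offsite copy at all; with the daily switch the text recommends, both numbers drop to zero under this model. Adding the real transit time to the model shifts every figure by that delay.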
6.10 INSURANCE
The purpose of insurance is to spread the economic cost and the risk of loss from an individual or business to a large number of people. This is accomplished through the use of an insurance policy.
Policies are contracts that obligate the insurer to indemnify the policyholder or some third party from specific risks in return for the payment of a premium.
Adequate insurance coverage is a key consideration when developing a business recovery plan and performing a risk analysis.
Most insurance agencies specialising in business interruption coverage can provide the organisation with an estimate of anticipated business interruption costs. Most business interruption coverage includes lost revenues following a disaster. Extra expense coverage includes all additional expenses until normal operations can be resumed.
Policies usually can be obtained to cover the following resources:
Equipment: Covers repair or acquisition of hardware. It varies depending on whether the equipment is purchased or leased.
Facilities: Covers items such as reconstruction of a computer room, raised floors, special furniture.
Storage media: Covers the replacement of the storage media plus their contents (data files, programs, documentation).
Business interruption: Covers loss in business income because an organisation is unable to trade.
Extra expenses: Covers additional costs incurred because an organisation is not operating from its normal facilities.
Valuable papers: Covers source documents, pre-printed reports, records documentation, and other valuable papers.
Accounts receivable: Covers cash-flow problems that arise because an organisation cannot collect its accounts receivable promptly.
Media transportation: Covers damage to media in transit.
Malpractice, errors and omissions: Covers claims against an organisation by its customers, e.g. claims made by the clients of an outsourcing vendor or service bureau.
(i) Hypothetical:
The hypothetical test is an exercise to verify the existence of all necessary procedures and actions specified within the recovery plan and to prove the theory of those procedures. It is a theoretical check and must be conducted regularly.
This exercise is generally a brief one designed to look at the worst case for equipment, ensuring that the entire plan process is reviewed.
(ii) Component:
A component is the smallest set of instructions within the recovery plan which enables specific processes to be performed.
For example, the process “System Load/IPL” involves a series of commands to load the system. However, in the recovery situation this may be different from normal operational requirements: certain functions need to be enabled or disabled to suit the new environment. If this is not fully tested, incompatibility problems with other components are likely.
Component testing is designed to verify the detail and accuracy of individual procedures within the recovery plan and can be used when no additional system can be made available for extended periods.
Examples of component tests include:
back-up procedures,
offsite tape storage recovery,
technology and network infrastructure assembly,
recovery and restoration procedures, and
security package start-up procedures.
(iii) Module:
A module is a combination of components. The ideal method of testing is that each component be individually tested before being included in a module.
The aim of module testing is to verify the validity and functionality of the recovery procedures when multiple components are combined.
If one is able to test all modules, even if unable to perform a full test, then one can be confident that the business will survive a major disaster. It is when a series of components are combined without individual tests that difficulties occur.
Examples of module testing include:
alternate site activation,
system recovery,
network recovery,
application recovery,
database recovery, and
run production processing.
(iv) Full:
The full test verifies that each component within every module is workable and satisfies the strategy and recovery time objective detailed in the recovery plan. The test also verifies the interdependencies of the various modules to ensure that progression from one module to another can be effected without problem or loss of data.
The two main objectives associated with a full test are:
To confirm that the total time elapsed meets the recovery time objective.
To prove the efficiency of the recovery plan to ensure a smooth flow from module to module.
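Both objectives of the full test, total elapsed time against the recovery time objective and a clean handoff from module to module, can be checked mechanically once the plan is written down as modules with durations and dependencies. The following is an added example, not from the original text: it uses the module names from the module-testing list above with constructed durations, dependency edges and "artefacts" (such as a recovered OS or network) that one module produces and a later one needs, computes the earliest completion of the whole chain, compares it with an RTO, and reports any module whose inputs nothing before it provides. The durations, artefact names and the set of prerequisites assumed available outside the test are all assumptions made for the example.

```python
# Added example (not from the original text): evaluating a full test run of the
# recovery plan. Modules, durations, dependencies and the artefacts handed from
# one module to the next are constructed sample values; the check computes the
# total elapsed time along the dependency chain, compares it with the recovery
# time objective (RTO) and confirms every module's inputs are produced by an
# earlier module or declared available outside the test.
from dataclasses import dataclass, field


@dataclass
class Module:
    name: str
    duration_h: float
    depends_on: list = field(default_factory=list)
    needs: set = field(default_factory=set)       # artefacts required when the module starts
    produces: set = field(default_factory=set)    # artefacts handed on when it completes


# Constructed plan using the module names from the text.
PLAN = [
    Module("alternate site activation", 4, [], set(), {"site"}),
    Module("system recovery", 6, ["alternate site activation"], {"site", "offsite tapes"}, {"os"}),
    Module("network recovery", 3, ["alternate site activation"], {"site"}, {"network"}),
    Module("database recovery", 5, ["system recovery"], {"os", "db backups"}, {"database"}),
    Module("application recovery", 4, ["system recovery", "network recovery"], {"os", "network"}, {"apps"}),
    Module("run production processing", 2, ["database recovery", "application recovery"], {"database", "apps"}, set()),
]
# Prerequisites established outside the test boundary (constructed).
ASSUMED_AVAILABLE = {"offsite tapes", "db backups"}


def evaluate_full_test(modules, rto_h, assumed=frozenset(ASSUMED_AVAILABLE)):
    """Return (total_elapsed_h, meets_rto, handoff_problems)."""
    by_name = {m.name: m for m in modules}
    finish = {}

    def finish_time(name, stack=()):
        # Earliest completion: a module starts when all its predecessors are done.
        if name in finish:
            return finish[name]
        if name in stack:
            raise ValueError(f"dependency cycle at {name}")
        m = by_name[name]
        start = max((finish_time(d, stack + (name,)) for d in m.depends_on), default=0.0)
        finish[name] = start + m.duration_h
        return finish[name]

    def produced_before(name):
        # Everything produced by direct and indirect predecessors.
        out = set()
        for d in by_name[name].depends_on:
            out |= by_name[d].produces | produced_before(d)
        return out

    problems = []
    for m in modules:
        finish_time(m.name)
        missing = m.needs - produced_before(m.name) - set(assumed)
        if missing:
            problems.append(f"{m.name} needs {sorted(missing)} that nothing before it provides")
    total = max(finish.values(), default=0.0)
    return total, total <= rto_h, problems


if __name__ == "__main__":
    print(evaluate_full_test(PLAN, rto_h=24))
    print(evaluate_full_test(PLAN, rto_h=12))
    print(evaluate_full_test(PLAN, rto_h=24, assumed=set()))   # assumptions withdrawn
```

Running the same plan with the assumed prerequisites withdrawn is the useful variant: it shows which modules silently depend on something the test never exercised, which is exactly the gap a component or module test is meant to expose before the full test.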
6.11.1 Setting objectives:
Each test is designed around a worst-case scenario for equipment, as this will ensure the entire plan is examined for all possible disastrous situations.
Only when every requirement associated with each component has been documented and verified can the recovery plan be said to be complete and functional.
Test objectives should include:
Recovery of systems at the standby site, and establishment of an environment to enable full accommodation of the nominated applications.
A fully documented set of procedures to obtain and utilise offsite tapes to restore the system and critical applications to the agreed recovery point, as set out in the recovery plan.
Recovery of system/application/network/database data from the offsite/backup tapes.
Detailed documentation on how to restore the production data, as stipulated in the recovery plan, to the agreed recovery point.
Fully documented procedures for establishing communication lines/equipment to enable full availability and usage by appropriate areas, e.g. business units, data entry, users, etc.
Established communication lines/equipment as set out in the plan.
Examination of the designated alternative sites and confirmation that all components are as noted in the plan.
6.11.3 Scenario:
The scenario is the description of the disaster and explains the various criteria associated with such a disaster. For example, the scenario must outline what caused the disaster, the level of damage sustained to the equipment and facilities, and whether or not anything can be salvaged from the wreckage.
The purpose is not to get bogged down in great detail but to explain to all the participants what is, or is not, available, what tools can, or cannot, be used, the objective of the exercise, the time of the disaster, and the planned recovery points.
6.11.5 Assumption:
Assumptions will need to be made. They allow a test to achieve its results without being bound by other elements of the recovery plan, which may not yet have been verified. Assumptions allow prerequisites of a particular component/module to be established outside the test boundaries.
Examples include:
All technical information documented in the plan, including appendices, is complete and accurate.
All purchases (equipment, furniture, etc.) can be made in the recovery time required.
Tapes and other equipment recalled from offsite are valid and usable.
6.11.8 Checklists:
Checklists provide the minimum preparation for all test types. Checklists are directly related to specific modules of the recovery plan, and all sections relevant to a particular test must be verified as complete before a test date is set.
As these checklists follow the various modules associated with the recovery plan, only those parts applicable to the forthcoming test are compulsory prerequisites for that test. However, it is recommended that all sections of the checklist be completed as soon as possible.
Checklists showing the details required are provided in the following section.
i. Automated Tools:
Automated tools make it possible to review large computer systems for a variety of flaws in a short time period. They can be used to find threats and vulnerabilities such as weak access controls, weak passwords, lack of integrity of the system software, etc.
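Of the flaws listed, "lack of integrity of the system software" is the one an automated tool detects most directly: take a baseline of file digests while the software is known-good, then compare the live system against it. The following is an added example, not from the original text or any particular product: it builds a manifest of SHA-256 digests for a directory tree, authenticates the manifest with an HMAC so the listing itself cannot be quietly edited, and on a later run reports modified, missing and unexpected files. The directory layout, file contents and key used in demo() are constructed for the example; the key would in practice be kept off the monitored host.

```python
# Added example (not from the original text): an automated baseline check of
# system software integrity. A manifest of SHA-256 digests is taken while the
# software is known-good and authenticated with an HMAC so that the manifest
# itself cannot be silently edited; a later run reports modified, missing and
# unexpected files. The directory tree, file contents and key in demo() are
# constructed for this example.
import hashlib
import hmac
import json
import os
import tempfile


def _file_digest(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def _relative_files(root):
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            yield os.path.relpath(full, root).replace(os.sep, "/")


def _mac(files, key):
    payload = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def build_manifest(root, key):
    """Baseline: digest of every file under root, plus an HMAC over the listing."""
    files = {rel: _file_digest(os.path.join(root, rel)) for rel in sorted(_relative_files(root))}
    return {"files": files, "mac": _mac(files, key)}


def verify(root, manifest, key):
    """Compare the tree under root with the manifest. Refuses a manifest whose HMAC fails."""
    if not hmac.compare_digest(manifest["mac"], _mac(manifest["files"], key)):
        return {"manifest_tampered": True, "modified": [], "missing": [], "unexpected": []}
    baseline = manifest["files"]
    current = {rel: _file_digest(os.path.join(root, rel)) for rel in _relative_files(root)}
    return {
        "manifest_tampered": False,
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "unexpected": sorted(p for p in current if p not in baseline),
    }


def demo():
    """Build a constructed tree, baseline it, alter it, and return the verify() report."""
    key = b"constructed-demo-key"    # in practice stored off the monitored host
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as f:
                f.write(data)
        write("bin/login", b"login v1")
        write("bin/ls", b"ls v1")
        write("etc/hosts", b"127.0.0.1 localhost\n")
        manifest = build_manifest(root, key)
        # changes an integrity audit should surface
        write("bin/login", b"login v1 + unexpected change")
        os.remove(os.path.join(root, "bin/ls"))
        write("bin/extra", b"new file")
        report = verify(root, manifest, key)
        # an edited manifest (digest altered to hide the change) fails the HMAC
        edited = {"files": {**manifest["files"], "bin/login": "0" * 64}, "mac": manifest["mac"]}
        report["edited_manifest_rejected"] = verify(root, edited, key)["manifest_tampered"]
    return report


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The HMAC is what turns a convenience listing into an audit control: without it, anyone who can alter a system file can also alter the recorded digest, and the tool would report a clean system. The same manifest approach serves the "audit of adequacy of data integrity" item under the integrity controls above when applied to backup sets rather than system binaries.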